cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/js/all.min.js
104.17.24.14 200 OK 501 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/js/all.min.js
IP 104.17.24.14:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65317)
Size 501 kB (501024 bytes)
Hash 735c741071f8d6c8ce8b5d50efe5516a
1b67e9bb36ae7104676591491c69c9b767777ab9
8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785
GET /ajax/libs/font-awesome/6.1.1/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1fe743a4cb9712.lhr.life
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:50:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 501024
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623a082a-7a520"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 572405
expires: Mon, 28 Apr 2025 12:50:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dR5pe7j0xi2UhEAkCH9dx1y8fo7XtT51SLSU1QJXmJX%2F0grRaoficezMA%2Fp00izAyA8frKg6j2sq3hfRZ7713OrxseVrF4fMJ7mvzEKY8yAKoBdp7jflOj9AsaM%2F5agz7bnhPY8C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880993978f97b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.webrtc-experiment.com/DetectRTC.js
185.199.108.153 200 OK 8.2 kB URL GET HTTP/2 www.webrtc-experiment.com/DetectRTC.js
IP 185.199.108.153:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Let's Encrypt
Subject www.webrtc-experiment.com
Fingerprint C4:28:60:27:09:07:58:92:76:32:BF:C3:5F:17:0F:49:ED:59:C9:E3
Validity Tue, 12 Mar 2024 04:12:56 GMT - Mon, 10 Jun 2024 04:12:55 GMT
File type JavaScript source, ASCII text
Hash 7480dcbc49f5ba1f6a9d860d5911c0b7
c4d0de5254d166f394bf8b8a4d8d67a7a4100adf
52f03d0d735b0b376225b3fc225a28fc06533d5c7930a0dcbaa985ac72a1498e
GET /DetectRTC.js HTTP/1.1
Host: www.webrtc-experiment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Sun, 26 Nov 2023 13:52:09 GMT
access-control-allow-origin: *
etag: W/"65634d89-9d7e"
expires: Wed, 08 May 2024 04:55:51 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4834:358315:55D96D7:5836AD7:663B037E
accept-ranges: bytes
date: Wed, 08 May 2024 12:50:37 GMT
via: 1.1 varnish
age: 414
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 21
x-timer: S1715172638.514026,VS0,VE0
vary: Accept-Encoding
x-fastly-request-id: 745388cb073ec8a39cb6b21b02f4cdb72ee54530
content-length: 8157
X-Firefox-Spdy: h2
webrtc.github.io/adapter/adapter-latest.js
185.199.108.153 200 OK 28 kB URL GET HTTP/2 webrtc.github.io/adapter/adapter-latest.js
IP 185.199.108.153:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer DigiCert Inc
Subject *.github.io
Fingerprint 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
Validity Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (864)
Hash 53746fa5e4acbdf06fe3eea53794a969
7834550a54a6a04001bb0b3ea36582d5ed1063f8
a89e28bb427371961bd33fb4f781b5d6d4010073ae6203f91b6a934f262fcc3c
GET /adapter/adapter-latest.js HTTP/1.1
Host: webrtc.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Fri, 29 Mar 2024 13:25:19 GMT
access-control-allow-origin: *
etag: W/"6606c13f-2027b"
expires: Fri, 03 May 2024 13:32:44 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 70D2:3020E6:2A98509:2BBB204:6634E525
accept-ranges: bytes
date: Wed, 08 May 2024 12:50:37 GMT
via: 1.1 varnish
age: 573
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 10
x-timer: S1715172638.521744,VS0,VE0
vary: Accept-Encoding
x-fastly-request-id: 400b4ba4e0e2d651d746083348fd10e2d449f135
content-length: 27847
X-Firefox-Spdy: h2
www.webrtc-experiment.com/RecordRTC.js
185.199.108.153 200 OK 38 kB URL GET HTTP/2 www.webrtc-experiment.com/RecordRTC.js
IP 185.199.108.153:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Let's Encrypt
Subject www.webrtc-experiment.com
Fingerprint C4:28:60:27:09:07:58:92:76:32:BF:C3:5F:17:0F:49:ED:59:C9:E3
Validity Tue, 12 Mar 2024 04:12:56 GMT - Mon, 10 Jun 2024 04:12:55 GMT
File type JavaScript source, ASCII text
Hash d50c9fdacd4f5489ae7ca7cb40c17a64
7c0516372f989bd6dc5a3ef62254cf649d24ce36
08d112030ce1a1d941742995e2c43dbc8bc3d3c2259ea692ea875df9c3146c56
GET /RecordRTC.js HTTP/1.1
Host: www.webrtc-experiment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Sun, 26 Nov 2023 13:52:09 GMT
access-control-allow-origin: *
etag: W/"65634d89-2f712"
expires: Wed, 08 May 2024 04:17:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 5380:2A16A1:2D27C1D:2E69451:663AFA7F
accept-ranges: bytes
age: 189
date: Wed, 08 May 2024 12:50:37 GMT
via: 1.1 varnish
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715172638.540341,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: d5463108685adea85ee10cb072fbbd294aee2d66
content-length: 37725
X-Firefox-Spdy: h2
wybiral.github.io/code-art/projects/tiny-mirror/index.js
185.199.108.153 200 OK 742 B URL GET HTTP/2 wybiral.github.io/code-art/projects/tiny-mirror/index.js
IP 185.199.108.153:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer DigiCert Inc
Subject *.github.io
Fingerprint 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
Validity Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
Hash 65d5f2a4fd176eacfcbb17cca28a654a
489c65ce544c992668cfbece78168097bb47c5d9
00b54caaaf994fd569c596cff89e2e4e16efbba4f9d00148214f314d2aff73b9
GET /code-art/projects/tiny-mirror/index.js HTTP/1.1
Host: wybiral.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Fri, 26 Apr 2019 04:57:12 GMT
access-control-allow-origin: *
etag: W/"5cc28fa8-740"
expires: Wed, 08 May 2024 12:16:23 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 2272:35DF7B:55EC68F:58491F3:663B6AE1
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 12:50:37 GMT
via: 1.1 varnish
x-served-by: cache-hel1410031-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715172638.528119,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: c7465be5b042c1bca99864757dc9b5b328360318
content-length: 742
X-Firefox-Spdy: h2
www.webrtc-experiment.com/gif-recorder.js
185.199.108.153 200 OK 3.5 kB URL GET HTTP/2 www.webrtc-experiment.com/gif-recorder.js
IP 185.199.108.153:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Let's Encrypt
Subject www.webrtc-experiment.com
Fingerprint C4:28:60:27:09:07:58:92:76:32:BF:C3:5F:17:0F:49:ED:59:C9:E3
Validity Tue, 12 Mar 2024 04:12:56 GMT - Mon, 10 Jun 2024 04:12:55 GMT
File type ASCII text, with very long lines (6974)
Hash 720f9d24c9e1987d42c18b29db90c4f9
b7a29854a2b00bdeb3190676b3724de0c5a3f926
e62771b272705e26e00fd40964f66505bd2dcb340b9efeef225a04d66c2a5820
GET /gif-recorder.js HTTP/1.1
Host: www.webrtc-experiment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Sun, 26 Nov 2023 13:52:10 GMT
access-control-allow-origin: *
etag: W/"65634d8a-1c7f"
expires: Wed, 08 May 2024 12:37:11 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 118E:172F30:223F3D3:23176A3:663B6F9F
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 12:50:37 GMT
via: 1.1 varnish
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715172638.512429,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: 423c764f8a2ca653e63cfd46ab0fc9741a165bb4
content-length: 3474
X-Firefox-Spdy: h2
www.webrtc-experiment.com/getScreenId.js
185.199.108.153 200 OK 1.6 kB URL GET HTTP/2 www.webrtc-experiment.com/getScreenId.js
IP 185.199.108.153:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Let's Encrypt
Subject www.webrtc-experiment.com
Fingerprint C4:28:60:27:09:07:58:92:76:32:BF:C3:5F:17:0F:49:ED:59:C9:E3
Validity Tue, 12 Mar 2024 04:12:56 GMT - Mon, 10 Jun 2024 04:12:55 GMT
File type JavaScript source, ASCII text
Hash c98152a25e930efa79151527ce4b2055
7438679e67f6c6cb5c4dc1eec42ac2642f4d0beb
ab81bae198cbed9f0f5cc892e92f499ab4eab93fa245c36ff789183874b36dfc
GET /getScreenId.js HTTP/1.1
Host: www.webrtc-experiment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Sun, 26 Nov 2023 13:52:10 GMT
access-control-allow-origin: *
etag: W/"65634d8a-1b2d"
expires: Wed, 08 May 2024 12:37:11 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A6C8:313486:2541A94:262232D:663B6F9E
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 12:50:37 GMT
via: 1.1 varnish
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715172638.538809,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: fc074ab2faf2ed1826b2817acb644ad816af5407
content-length: 1602
X-Firefox-Spdy: h2
1fe743a4cb9712.lhr.life/index.html.php
3.234.18.192 200 OK 12 kB URL User Request GET HTTP/1.1 1fe743a4cb9712.lhr.life/index.html.php
IP 3.234.18.192:443
Certificate Issuer Amazon
Subject localhost.run
Fingerprint F1:75:EC:7E:A1:B7:8D:4D:AD:2E:95:4D:CE:91:BD:17:48:9C:30:3E
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (8534)
Hash 1dca101033444c9660d44ef1d77b4b03
8b5e54652a7a496fa8b32f1928c188942029e5a1
f0b269ef39553d5adbc121c572e3fc02ef55fd3a99276240720b3bfafe3fa6e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /index.html.php HTTP/1.1
Host: 1fe743a4cb9712.lhr.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Host: 1fe743a4cb9712.lhr.life
Date: Wed, 08 May 2024 12:50:33 GMT
Connection: close
X-Powered-By: PHP/8.3.6
Content-type: text/html; charset=UTF-8
1fe743a4cb9712.lhr.life/script.js
3.234.18.192 200 OK 536 B URL GET HTTP/1.1 1fe743a4cb9712.lhr.life/script.js
IP 3.234.18.192:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Amazon
Subject localhost.run
Fingerprint F1:75:EC:7E:A1:B7:8D:4D:AD:2E:95:4D:CE:91:BD:17:48:9C:30:3E
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text
Hash 31d5b400499b076e66aea30a62bccfcd
c4339a3ef7f03be84261ae897569f752644a47cc
f39e64933bcbea6a3117322ffed6d64f7838461308c2b950b9119be1c25168f3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /script.js HTTP/1.1
Host: 1fe743a4cb9712.lhr.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/index.html.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Host: 1fe743a4cb9712.lhr.life
Date: Wed, 08 May 2024 12:50:35 GMT
Connection: close
Content-Type: application/javascript
Content-Length: 536
1fe743a4cb9712.lhr.life/styles.css
3.234.18.192 200 OK 1.7 kB URL GET HTTP/1.1 1fe743a4cb9712.lhr.life/styles.css
IP 3.234.18.192:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Amazon
Subject localhost.run
Fingerprint F1:75:EC:7E:A1:B7:8D:4D:AD:2E:95:4D:CE:91:BD:17:48:9C:30:3E
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash 9d5b60375e39c5faa275418bfb2d6c63
06d37457be5982a22d8e80f9f29813c926014794
14af0c2374baf3d6dab5dcba0b09b9dde139f7e51d863903a73298bebdd11ff3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /styles.css HTTP/1.1
Host: 1fe743a4cb9712.lhr.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/index.html.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Host: 1fe743a4cb9712.lhr.life
Date: Wed, 08 May 2024 12:50:35 GMT
Connection: close
Content-Type: text/css; charset=UTF-8
Content-Length: 1733
fonts.googleapis.com/css2?family=Nunito:wght@500&display=swap
142.250.74.106 200 OK 1.0 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Nunito:wght@500&display=swap
IP 142.250.74.106:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression
Hash 976cae88460c0ace207401459f4309aa
7ad0c2a669b99ad25a5f2e231a3116bcb0ac5b6e
5e39c8957050428f4e58c3aa5bce3c6f9879bb9c4d1e1076ea17c577fc96ea54
GET /css2?family=Nunito:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 12:50:39 GMT
date: Wed, 08 May 2024 12:50:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDIkhdTQ3jw.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDIkhdTQ3jw.woff2
IP 216.58.207.227:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 16504, version 1.0
Hash a946e54d310beb6b032582915ba20462
dc09d2ea8bf4388f17af428720200faa1f4eb56d
b14d0eb15d2c7bc6e9da3cd228a76ccd7c0e26d2d7d546a4fedc658b1586c5b4
GET /s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDIkhdTQ3jw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1fe743a4cb9712.lhr.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 May 2024 18:00:03 GMT
expires: Mon, 05 May 2025 18:00:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:02:22 GMT
content-type: font/woff2
age: 240636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1fe743a4cb9712.lhr.life/images/favicon.ico
3.234.18.192 404 Not Found 551 B URL GET HTTP/1.1 1fe743a4cb9712.lhr.life/images/favicon.ico
IP 3.234.18.192:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Amazon
Subject localhost.run
Fingerprint F1:75:EC:7E:A1:B7:8D:4D:AD:2E:95:4D:CE:91:BD:17:48:9C:30:3E
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash 0951ff4a96b61d60d6f56ab81f0fe011
a01e652642cba56b3cb667251f1a49a8a05c5e4a
52f896486117534643975be4852f55cc0a079b23aaf1d65813d9b50102f28bfb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/favicon.ico HTTP/1.1
Host: 1fe743a4cb9712.lhr.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/index.html.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Host: 1fe743a4cb9712.lhr.life
Date: Wed, 08 May 2024 12:50:37 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 551
3.234.18.192 302 Found 3.6 kB URL User Request GET HTTP/1.1
IP 3.234.18.192:443
Certificate Issuer Amazon
Subject localhost.run
Fingerprint F1:75:EC:7E:A1:B7:8D:4D:AD:2E:95:4D:CE:91:BD:17:48:9C:30:3E
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 1fe743a4cb9712.lhr.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Host: 1fe743a4cb9712.lhr.life
Date: Wed, 08 May 2024 12:50:32 GMT
Connection: close
X-Powered-By: PHP/8.3.6
Location: index.html.php
Content-type: text/html; charset=UTF-8
1fe743a4cb9712.lhr.life/recorder.js
3.234.18.192 200 OK 8.5 kB URL GET HTTP/1.1 1fe743a4cb9712.lhr.life/recorder.js
IP 3.234.18.192:443
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Certificate Issuer Amazon
Subject localhost.run
Fingerprint F1:75:EC:7E:A1:B7:8D:4D:AD:2E:95:4D:CE:91:BD:17:48:9C:30:3E
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (8732), with no line terminators
Hash 8daccedbc64a0d41c97f8c28fcb51253
b97e7f3498f074a4da31b32fd3506dfe6f3298a7
467c953acf53f8cc3025a3294932bd08fa35511ad3f9c96d6fd090f87eb78159
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /recorder.js HTTP/1.1
Host: 1fe743a4cb9712.lhr.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/index.html.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Host: 1fe743a4cb9712.lhr.life
Date: Wed, 08 May 2024 12:50:35 GMT
Connection: close
Content-Type: application/javascript
Content-Length: 8535
1fe743a4cb9712.lhr.life/favicon.ico
0.0.0.0 0 B URL GET 1fe743a4cb9712.lhr.life/favicon.ico
IP 0.0.0.0:0
Requested by https://1fe743a4cb9712.lhr.life/index.html.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 1fe743a4cb9712.lhr.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1fe743a4cb9712.lhr.life/index.html.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache